• DocumentCode
    2704467
  • Title

    Intrusion detection and security policy framework for distributed environments

  • Author

    El Kalam, Anas Abou ; Briffaut, Jérémy ; Toinard, Christian ; Blanc, Mathieu

  • Author_Institution
    Lab. d´´lnformatique Fondamentale d´´Orleans, CNRS, Orleans
  • fYear
    2005
  • fDate
    20-20 May 2005
  • Firstpage
    100
  • Lastpage
    105
  • Abstract
    This paper presents a novel intrusion detection approach and a new infrastructure to enforce the security policy within a distributed system. The solution guarantees the consistency of the security policy and prevents any accidental or malicious update (of the local policies). The control is carried out locally (in each host) in accordance with a meta-policy that enables a distributed control to update a global security policy while satisfying global security properties. The solution is more robust in terms of fault-tolerance and resists to denial of service attacks since the solutions carries out all the control locally. Two levels of intrusion detection are proposed to guaranty the integrity and the consistency of the distributed policy. The first level (meta-level, or administration level) guarantees that each local policy evolves according to the global security properties. This level detects attacks trying inadequate alterations of the local security policies. The second level corresponds to a classical intrusion detection system. But, it can take advantages of the local policy to detect attacks that violate the security objectives. That second level enables to integrate and to adjust various classical IDS. Our approach enforces the security of large scale systems
  • Keywords
    distributed processing; fault tolerant computing; large-scale systems; security of data; denial of service attack; distributed environment; fault-tolerance; global security policy framework; intrusion detection system; large scale system security; local security policy framework; malicious update; meta-policy; Access control; Computer crime; Computer security; Data security; Distributed control; Information security; Intrusion detection; Large-scale systems; Resists; Robust control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Collaborative Technologies and Systems, 2005. Proceedings of the 2005 International Symposium on
  • Conference_Location
    St Louis, MO
  • Print_ISBN
    0-7695-2387-0
  • Type

    conf

  • DOI
    10.1109/ISCST.2005.1553300
  • Filename
    1553300